Page1 / 7
The purpose of this tool is to allow U.S. small manufacturers to self-evaluate the level of cyber risk to your business.  This assessment is based on the National Institute of Standards and Technology’s (NIST) Cyber Security Framework.  This tool is to be used only for guidance and does not imply approval by NIST MEP and cannot be used to demonstrate compliance in accordance with the NIST Disclaimer

Question Title

NIST Cybersecurity Framework:  Five Steps to Reduce Risk

NIST Cybersecurity Framework:  Five Steps to Reduce Risk
After completing the assessment, you will be given an overall score and the ability to review the best/correct answers to each question.  You may print this information for future reference.  It is estimated that it will take 10-13 minutes to complete the assessment.  Use the Prev/Next buttons on the bottom of the page to move backward/forward through the assessment.  You can change your answers as needed until you complete the assessment.  

Individual responses will remain anonymous. The results of this assessment will not be made public. We will not track you by person or company name. Some information about your visit to this site is tracked.  Refer to the Privacy Policy and Security Statement and the NIST Privacy Policy for more information.

While NIST will take reasonable precautions to protect any personally identifiable information (PII) or business identifiable information (BII) submitted on this form, the Department of Commerce considers this PII/BII to be non-sensitive.  The electronic transmission of non-sensitive PII/BII is equivalent to transmitting the same information by the U.S. mail, a private delivery service, courier, facsimile, or voice.  Although each of these methods has vulnerabilities, the transmitted information can only be compromised because of theft, fraud, or other illegal activity.  By transmitting this information on this form the sender is indicating their acceptance of this risk.